Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
cancel
Showing results for 
Search instead for 
Did you mean: 
Torsten_
Advisor
Advisor

This blog has been translated with Google Translate. the original blog can be found here: ekessler.de

In the block Use the reporting name in Exit-variables for authorization I have shown as the name of a report in the processing of exit variables in the context of the authorization may be used. In this block, I show what restrictions are taken into account.

The customer exit is traversed twice in the context of authorization. In the first pass the COMPID field is not yet available in the memory, and the call


IMPORTFROMMEMORYIDl_compidcompid='COMPID'.



returns for l_compid nothing. With the following code to ensure that all users of the report 'ZTKE_EXIT_VAR_AUTH' only the information on the country Germany (DE) is obtained.


METHODif_rsroa_variables_exit_badi~process.


   DATA: TYPE l_compid rszcompid,


         ls_range TYPE rrrangesid.



   IMPORT FROM MEMORY ID l_compid compid = 'COMPID'.



   CASE l_compid.


     WHEN 'ZTKE_EXIT_VAR_AUTH'.


          ls_range-sign = 'I'.


          ls_range-opt = 'EQ'.


          ls_range-low = 'EN'.


          APPEND TO ls_range c_t_range.


      ...


   ENDCASE.


ENDMETHOD.



The first call in I_STEP = 0 still determined not COMPID and thus no value for the processed here exit variable comes back as part of the authorization. In the second call, the COMPID can be determined and the permission is restricted to DE.

The first call has the consequence that we in the execution of the report, the warning


You do nothaveanalysisauthorizationforanychar. values​​of char. 0COUNTRY



get, see Figure 2.1. the authorization

By default, the variables are determined buffered values ​​in the context of the authorization check. To ensure that the values ​​can be evaluated in the second pass, the buffering in the RSECADMIN (see Figure 2.1) can be switched off. This is only possible system-wide!

Figure 2.1: Variablen Pufferung deaktivieren

After the buffer was switched off, we get no warnings regarding. The lack of analysis authorization more.

Unfortunately, there is no alternative to turning off the buffer. The analysis authorization concept clearly states that an analysis of authorization should be made ​​to the data and not the reporting object.